[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: The netsec thread

From: Paul Eggert
Subject: Re: The netsec thread
Date: Fri, 23 Aug 2019 12:03:18 -0700
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0

Lars Ingebrigtsen wrote:

I don't have access to a Fedora system to test on

"make check" works for me on Fedora 30 again; thanks.

Hm...  Since GnuTLS no longer supports compression at all, I would have
assumed that on newer OS versions this would be a NOOP.

Yes, the newer GnuTLS implementations are stub functions that are marked obsolescent, which causes GCC to warn when you compile code calling them, and if --enable-gcc-warnings is used this caused the Emacs build to fail. The fix I installed was to call these obsolescent functions only in older GnuTLS versions, where they are not obsolescent.

Come to think of it, Emacs shouldn't make the :compression feature visible on newer-GnuTLS systems, since the feature is obsolescent and just clutters up the runtime and data. So I installed the attached patch, which causes this feature (and the :encrypt-then-mac feature) to be exported to the Lisp level only if the underlying GnuTLS library supports the feature. This gives a bit more info to the Lisp code (if it wants it) and simplifies the data and the low-level code slightly.

Attachment: 0001-Tweak-gnutls-peer-status-reporting.patch
Description: Text Data

reply via email to

[Prev in Thread] Current Thread [Next in Thread]